diff options
Diffstat (limited to 'pkgs/tools/security')
| -rw-r--r-- | pkgs/tools/security/cariddi/default.nix | 6 | ||||
| -rw-r--r-- | pkgs/tools/security/cfripper/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/tools/security/feroxbuster/default.nix | 45 | ||||
| -rw-r--r-- | pkgs/tools/security/fulcio/default.nix | 52 | ||||
| -rw-r--r-- | pkgs/tools/security/grype/default.nix | 21 | ||||
| -rw-r--r-- | pkgs/tools/security/metasploit/Gemfile | 2 | ||||
| -rw-r--r-- | pkgs/tools/security/metasploit/Gemfile.lock | 58 | ||||
| -rw-r--r-- | pkgs/tools/security/metasploit/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/tools/security/metasploit/gemset.nix | 74 | ||||
| -rw-r--r-- | pkgs/tools/security/minio-certgen/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/tools/security/sequoia/default.nix | 8 | ||||
| -rw-r--r-- | pkgs/tools/security/sigma-cli/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/tools/security/spire/default.nix | 7 | ||||
| -rw-r--r-- | pkgs/tools/security/volatility3/default.nix | 10 | ||||
| -rw-r--r-- | pkgs/tools/security/zdns/default.nix | 11 |
15 files changed, 191 insertions, 119 deletions
diff --git a/pkgs/tools/security/cariddi/default.nix b/pkgs/tools/security/cariddi/default.nix index 9f29826808d..74e9b05b237 100644 --- a/pkgs/tools/security/cariddi/default.nix +++ b/pkgs/tools/security/cariddi/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "cariddi"; - version = "1.1.5"; + version = "1.1.6"; src = fetchFromGitHub { owner = "edoardottt"; repo = pname; rev = "v${version}"; - sha256 = "sha256-PXQljC9rwlxXQ96fII3EjD4NXu61EMkYvMWqkcJZ4vU="; + sha256 = "sha256-/ez2biYU8NnVny8v5Mu9pLq0oqzcIenpyEb3qkPd9v8="; }; - vendorSha256 = "sha256-zNUdglsfy6lEV54afCAoigxa3rR0qf/e3+B4PvVRIa4="; + vendorSha256 = "sha256-zJ39tAq+ooROMHG1vC2m2rbq+wttxqYxAd2hLg5GtJM="; meta = with lib; { description = "Crawler for URLs and endpoints"; diff --git a/pkgs/tools/security/cfripper/default.nix b/pkgs/tools/security/cfripper/default.nix index 39b0187c4a6..4e5d2e7e030 100644 --- a/pkgs/tools/security/cfripper/default.nix +++ b/pkgs/tools/security/cfripper/default.nix @@ -5,13 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "cfripper"; - version = "1.5.1"; + version = "1.6.0"; src = fetchFromGitHub { owner = "Skyscanner"; repo = pname; rev = version; - hash = "sha256-/qcpLCk1ZZMKxhqK6q6sSbRDjiF5GQmDJzvCaV2kAqQ="; + hash = "sha256-bomQqg+xzq7+iccE+x6mN265HxkYvy13aAwBBikth3U="; }; propagatedBuildInputs = with python3.pkgs; [ diff --git a/pkgs/tools/security/feroxbuster/default.nix b/pkgs/tools/security/feroxbuster/default.nix new file mode 100644 index 00000000000..ecfc496ce8e --- /dev/null +++ b/pkgs/tools/security/feroxbuster/default.nix @@ -0,0 +1,45 @@ +{ lib +, stdenv +, fetchFromGitHub +, openssl +, pkg-config +, rustPlatform +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "feroxbuster"; + version = "2.6.1"; + + src = fetchFromGitHub { + owner = "epi052"; + repo = pname; + rev = "v${version}"; + hash = "sha256-RY9bFuALRaVXDrC0eIx0inPjRqNpRKNZf3mCrKIdGL8="; + }; + + cargoSha256 = "sha256-0Zawlx/lhF7K8nOsHYKO84pnctVMpm3RfnAFCOltOqE="; + + OPENSSL_NO_VENDOR = true; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + openssl + ] ++ lib.optionals stdenv.isDarwin [ + Security + ]; + + # Tests require network access + doCheck = false; + + meta = with lib; { + description = "Fast, simple, recursive content discovery tool"; + homepage = "https://github.com/epi052/feroxbuster"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} + diff --git a/pkgs/tools/security/fulcio/default.nix b/pkgs/tools/security/fulcio/default.nix index 96ef86d18d1..300b996524d 100644 --- a/pkgs/tools/security/fulcio/default.nix +++ b/pkgs/tools/security/fulcio/default.nix @@ -2,33 +2,61 @@ buildGoModule rec { pname = "fulcio"; - version = "0.1.1"; + version = "0.2.0"; src = fetchFromGitHub { owner = "sigstore"; repo = pname; rev = "v${version}"; - sha256 = "sha256-MvLQMGPyJYqYUljLqsr+qJeeYnxdH9aNGkWpDRvOeh8="; + sha256 = "sha256-tCjFx9Ug8rO8cSxQb2vBG/MHSUJCx17lDeGnSGjZLcI="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # '0000-00-00T00:00:00Z' + date -u -d "@$(git log -1 --pretty=%ct)" "+'%Y-%m-%dT%H:%M:%SZ'" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; }; - vendorSha256 = "sha256-pRL0et+UOi/tzuQz/Q7UmSA+pVhLJYR8lG8NAbPN9PU="; + vendorSha256 = "sha256-CmtsReP0JacgNyRqCrYZRONwR5eluymrQgsj/ukhYNQ="; - ldflags = [ "-s" "-w" ]; - - # Install completions post-install + # install completions post-install nativeBuildInputs = [ installShellFiles ]; + ldflags = [ + "-s" + "-w" + "-X github.com/sigstore/fulcio/cmd/app.gitVersion=v${version}" + "-X github.com/sigstore/fulcio/cmd/app.gitTreeState=clean" + ]; + + # ldflags based on metadata from git and source + preBuild = '' + ldflags+=" -X github.com/sigstore/fulcio/cmd/app.gitCommit=$(cat COMMIT)" + ldflags+=" -X github.com/sigstore/fulcio/cmd/app.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + preCheck = '' + # remove test that requires networking + rm pkg/config/config_test.go + ''; + postInstall = '' - mv $out/bin/fulcio $out/bin/fulcio-server - installShellCompletion --cmd fulcio-server \ - --bash <($out/bin/fulcio-server completion bash) \ - --fish <($out/bin/fulcio-server completion fish) \ - --zsh <($out/bin/fulcio-server completion zsh) + installShellCompletion --cmd fulcio \ + --bash <($out/bin/fulcio completion bash) \ + --fish <($out/bin/fulcio completion fish) \ + --zsh <($out/bin/fulcio completion zsh) ''; doInstallCheck = true; installCheckPhase = '' runHook preInstallCheck - $out/bin/fulcio-server --help + + $out/bin/fulcio --help + $out/bin/fulcio version | grep "v${version}" + runHook postInstallCheck ''; diff --git a/pkgs/tools/security/grype/default.nix b/pkgs/tools/security/grype/default.nix index 377bed93054..1b80d7ecd88 100644 --- a/pkgs/tools/security/grype/default.nix +++ b/pkgs/tools/security/grype/default.nix @@ -6,28 +6,26 @@ buildGoModule rec { pname = "grype"; - version = "0.34.1"; + version = "0.34.3"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "v${version}"; - sha256 = "sha256-Xr3ws6qmfL25Kml7Klw095N9MNrm6a8lBtOWiucnzXE="; + sha256 = "sha256-iWmLfQ08+dhjvKQiK2iy2Tegk4jH9dGopu/6kdDRZd0="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; postFetch = '' cd "$out" - commit="$(git rev-parse HEAD)" - source_date_epoch=$(git log --date=format:'%Y-%m-%dT%H:%M:%SZ' -1 --pretty=%ad) - substituteInPlace "$out/internal/version/build.go" \ - --replace 'gitCommit = valueNotProvided' "gitCommit = \"$commit\"" \ - --replace 'buildDate = valueNotProvided' "buildDate = \"$source_date_epoch\"" + git rev-parse HEAD > $out/COMMIT + # 0000-00-00T00:00:00Z + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH find "$out" -name .git -print0 | xargs -0 rm -rf ''; }; - vendorSha256 = "sha256-fuOAfLESs/97aQUkIy6DkmYFyvKKCHazgt1WnE8GeH8="; + vendorSha256 = "sha256-WrUZFlN7dPbyN9InjX/Y9J+iYKu5v2/SHmRgDP5BJi8="; nativeBuildInputs = [ installShellFiles @@ -37,14 +35,17 @@ buildGoModule rec { "-s" "-w" "-X github.com/anchore/grype/internal/version.version=${version}" + "-X github.com/anchore/grype/internal/version.gitDescription=v${version}" "-X github.com/anchore/grype/internal/version.gitTreeState=clean" ]; preBuild = '' # grype version also displays the version of the syft library used # we need to grab it from the go.sum and add an ldflag for it - SYFTVERSION="$(grep "github.com/anchore/syft" go.sum -m 1 | awk '{print $2}')" - ldflags+=" -X github.com/anchore/grype/internal/version.syftVersion=$SYFTVERSION" + SYFT_VERSION="$(grep "github.com/anchore/syft" go.sum -m 1 | awk '{print $2}')" + ldflags+=" -X github.com/anchore/grype/internal/version.syftVersion=$SYFT_VERSION" + ldflags+=" -X github.com/anchore/grype/internal/version.gitCommit=$(cat COMMIT)" + ldflags+=" -X github.com/anchore/grype/internal/version.buildDate=$(cat SOURCE_DATE_EPOCH)" ''; # Tests require a running Docker instance diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index bdecd4e0a94..90c0d3987cd 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.1.32" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.1.34" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index 6855f10bb48..080eefa6e2b 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: f7cd9896b753377c4c663188b6c26500b7850f41 - ref: refs/tags/6.1.32 + revision: e1ab1599c07319d2732645b003c038ffa4dad7cd + ref: refs/tags/6.1.34 specs: - metasploit-framework (6.1.32) + metasploit-framework (6.1.34) actionpack (~> 6.0) activerecord (~> 6.0) activesupport (~> 6.0) @@ -98,25 +98,25 @@ GEM remote: https://rubygems.org/ specs: Ascii85 (1.1.0) - actionpack (6.1.4.6) - actionview (= 6.1.4.6) - activesupport (= 6.1.4.6) + actionpack (6.1.5) + actionview (= 6.1.5) + activesupport (= 6.1.5) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actionview (6.1.4.6) - activesupport (= 6.1.4.6) + actionview (6.1.5) + activesupport (= 6.1.5) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activemodel (6.1.4.6) - activesupport (= 6.1.4.6) - activerecord (6.1.4.6) - activemodel (= 6.1.4.6) - activesupport (= 6.1.4.6) - activesupport (6.1.4.6) + activemodel (6.1.5) + activesupport (= 6.1.5) + activerecord (6.1.5) + activemodel (= 6.1.5) + activesupport (= 6.1.5) + activesupport (6.1.5) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -128,13 +128,13 @@ GEM arel-helpers (2.14.0) activerecord (>= 3.1.0, < 8) aws-eventstream (1.2.0) - aws-partitions (1.563.0) - aws-sdk-core (3.128.0) + aws-partitions (1.568.0) + aws-sdk-core (3.130.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) jmespath (~> 1.0) - aws-sdk-ec2 (1.302.0) + aws-sdk-ec2 (1.303.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-iam (1.68.0) @@ -149,7 +149,7 @@ GEM aws-sigv4 (~> 1.4) aws-sigv4 (1.4.0) aws-eventstream (~> 1, >= 1.0.2) - bcrypt (3.1.16) + bcrypt (3.1.17) bcrypt_pbkdf (1.1.0) bindata (2.4.10) bson (4.14.1) @@ -221,7 +221,7 @@ GEM io-console (0.5.11) irb (1.3.6) reline (>= 0.2.5) - jmespath (1.6.0) + jmespath (1.6.1) jsobfu (0.4.2) rkelly-remix json (2.6.1) @@ -229,7 +229,7 @@ GEM logging (2.3.0) little-plugger (~> 1.1) multi_json (~> 1.14) - loofah (2.14.0) + loofah (2.15.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) metasm (1.0.5) @@ -298,7 +298,7 @@ GEM hashery (~> 2.0) ruby-rc4 ttfunk - pg (1.3.3) + pg (1.3.4) public_suffix (4.0.6) puma (5.6.2) nio4r (~> 2.0) @@ -313,11 +313,11 @@ GEM nokogiri (>= 1.6) rails-html-sanitizer (1.4.2) loofah (~> 2.3) - railties (6.1.4.6) - actionpack (= 6.1.4.6) - activesupport (= 6.1.4.6) + railties (6.1.5) + actionpack (= 6.1.5) + activesupport (= 6.1.5) method_source - rake (>= 0.13) + rake (>= 12.2) thor (~> 1.0) rake (13.0.6) rb-readline (0.5.5) @@ -339,7 +339,7 @@ GEM metasm rex-arch rex-text - rex-exploitation (0.1.28) + rex-exploitation (0.1.29) jsobfu metasm rex-arch @@ -347,7 +347,7 @@ GEM rex-text rexml rex-java (0.1.6) - rex-mime (0.1.6) + rex-mime (0.1.7) rex-text rex-nop (0.1.2) rex-arch @@ -409,11 +409,11 @@ GEM ttfunk (1.7.0) tzinfo (2.0.4) concurrent-ruby (~> 1.0) - tzinfo-data (1.2021.5) + tzinfo-data (1.2022.1) tzinfo (>= 1.0.0) unf (0.1.4) unf_ext - unf_ext (0.0.8) + unf_ext (0.0.8.1) unix-crypt (1.3.0) warden (1.2.9) rack (>= 2.0.9) diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 11215cd3dde..99d801482af 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.1.32"; + version = "6.1.34"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = version; - sha256 = "sha256-UoH+tp3I9YTXXNXDaYne1E9Zpoj9fbr7mnIQws6TXJs="; + sha256 = "sha256-6rGELJYmddWoR6qIuXKoCT5RpMASIzssWG9Y0Xtx+Z8="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index 0104412d350..0d0271cca4b 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -4,50 +4,50 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1d4nxv0p3wv4w0pf89nmxzg10balny5rwbchwsscgiminzh3mg7y"; + sha256 = "0kk8c6n94lg5gyarsy33wakw04zbmdwgfr7zxv4zzmbnp1yach0w"; type = "gem"; }; - version = "6.1.4.6"; + version = "6.1.5"; }; actionview = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cmxc80gg7pm6d9y7ah5qr4ymzks8rp51jv0a2qdq2m9p6llzlkk"; + sha256 = "16w7pl8ir253g1dzlzx4mwrjsx3v7fl7zn941xz53zb4ld286mhi"; type = "gem"; }; - version = "6.1.4.6"; + version = "6.1.5"; }; activemodel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0izra8g3g1agv3mz72b0474adkj4ldszj3nwk3l0szgrln7df0lv"; + sha256 = "16anyz7wqwmphzb6w1sgmvdvj50g3zp70s94s5v8hwxj680f6195"; type = "gem"; }; - version = "6.1.4.6"; + version = "6.1.5"; }; activerecord = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15v0dwp2122yzwlw8ca0lgx5qbw8fsasbn8zzcks1mvmc9afisss"; + sha256 = "0jl6jc9g9jxsljfnnmbkxrgwrz86icw6g745cv6iavryizrmw939"; type = "gem"; }; - version = "6.1.4.6"; + version = "6.1.5"; }; activesupport = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vrz4vgqz4grr2ykwkd8zhhd0rg12z89n89zl6aff17zrdhhad35"; + sha256 = "0jmqndx3a46hpwz33ximqch27018n3mk9z19azgpylm33w7xpkx4"; type = "gem"; }; - version = "6.1.4.6"; + version = "6.1.5"; }; addressable = { groups = ["default"]; @@ -104,30 +104,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0l4f97kmsz1niicj52bm88ggbq3lvn41w0cckfwksh4yikjh20wv"; + sha256 = "1ap27g6hxcczpb5dj7v0wzxrvywfa2kf3zx69xnjz1qvxf3plw54"; type = "gem"; }; - version = "1.563.0"; + version = "1.568.0"; }; aws-sdk-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xpqx000gq1j0n211c9bch5b2rc48a54kxk87m6y8z844c0wlqk7"; + sha256 = "14ymvp06k46gvkpvz5zaqvbvr6wd8vdka5iq25q0wd0fzdx7aivm"; type = "gem"; }; - version = "3.128.0"; + version = "3.130.0"; }; aws-sdk-ec2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13x9rwkykyw873prd2k9pqwrjkf9jsqih9aksbf9fn8hfnsv6db8"; + sha256 = "12k3gjsagdb11crg2gx7373qn1zhglkkija9d6558v0slcza8m3j"; type = "gem"; }; - version = "1.302.0"; + version = "1.303.0"; }; aws-sdk-iam = { groups = ["default"]; @@ -174,10 +174,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02r1c3isfchs5fxivbq99gc3aq4vfyn8snhcy707dal1p8qz12qb"; + sha256 = "1rakdhrnlclrpy7sihi9ipwdh7fjkkvzga171464lq6rzp07cf65"; type = "gem"; }; - version = "3.1.16"; + version = "3.1.17"; }; bcrypt_pbkdf = { groups = ["default"]; @@ -594,10 +594,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gjrr5pdcl3l3skhp9d0jzs4yhmknpv3ldcz59b339b9lqbqasnr"; + sha256 = "1mnvb80cdg7fzdcs3xscv21p28w4igk5sj5m7m81xp8v2ks87jj0"; type = "gem"; }; - version = "1.6.0"; + version = "1.6.1"; }; jsobfu = { groups = ["default"]; @@ -644,10 +644,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0z8bdcmw66j3dy6ivcc02yq32lx3n9bavx497llln8qy014xjm4w"; + sha256 = "1yp1h1j7pdkqvnx8jl6bkzlajav3h5mhqzihgs9p6y3c8927mw23"; type = "gem"; }; - version = "2.14.0"; + version = "2.15.0"; }; metasm = { groups = ["default"]; @@ -684,12 +684,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "f7cd9896b753377c4c663188b6c26500b7850f41"; - sha256 = "16swjg7c443jkbxvlzgxi2k5jkylvs4nkhymbkbq9xf8knvgx0aj"; + rev = "e1ab1599c07319d2732645b003c038ffa4dad7cd"; + sha256 = "17zrf5xx2n3gb0n3n8qjq2j52gh9m1rbk25a8yldax96jqn89cga"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.1.32"; + version = "6.1.34"; }; metasploit-model = { groups = ["default"]; @@ -977,10 +977,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qqky1q9xhji017q1apx9w81qdlwpm6ix3amhikjy416hxxmhcj1"; + sha256 = "090c3kazlmiizp25las7dgi8wlc11s29nrs2gy3qrp1z8qikgcmb"; type = "gem"; }; - version = "1.3.3"; + version = "1.3.4"; }; public_suffix = { groups = ["default"]; @@ -1067,10 +1067,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1snhwpbnmsyhr297qmin8i5i631aimjca1hiazi128i1355255hb"; + sha256 = "1fdqhv8qhk2dspkrr9f5dj3806g52cb0l1chh2hx8v81y218cl93"; type = "gem"; }; - version = "6.1.4.6"; + version = "6.1.5"; }; rake = { groups = ["default"]; @@ -1167,10 +1167,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08v5nam0xp6f8qi3nyqzh97sz07hy59w82y213jz919mrgpb70vc"; + sha256 = "0asx13g0xqb8wnslrmsld2l1w2qpl6kjrcbfl945kw1nm7k5bwxb"; type = "gem"; }; - version = "0.1.28"; + version = "0.1.29"; }; rex-java = { groups = ["default"]; @@ -1187,10 +1187,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wzw1qcdgbn3iyskppy5038mcdrzplyai45pilm5qjj4fwvjdl6m"; + sha256 = "00qpd5i8naw601q6aij652gw8x6my5d5drf63lq9fridjrqj0nja"; type = "gem"; }; - version = "0.1.6"; + version = "0.1.7"; }; rex-nop = { groups = ["default"]; @@ -1497,10 +1497,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0w1iyvw0m2xvdr4654jnn1g27jwj84y94dvaj1k2p3lcrvndm698"; + sha256 = "0yvfyxz70r45j65763fzy0p5j8cxlhnpn1n5lcxj4is7hp8v5i23"; type = "gem"; }; - version = "1.2021.5"; + version = "1.2022.1"; }; unf = { groups = ["default"]; @@ -1517,10 +1517,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jmbimpnpjdzz8hlrppgl9spm99qh3qzbx0b81k3gkgwba8nk3yd"; + sha256 = "0bf120xbq23zjyf8zi8h1576d71g58srr8rndig0whn10w72vrxz"; type = "gem"; }; - version = "0.0.8"; + version = "0.0.8.1"; }; unix-crypt = { groups = ["default"]; diff --git a/pkgs/tools/security/minio-certgen/default.nix b/pkgs/tools/security/minio-certgen/default.nix index ee4413c9041..16dbfdf63ad 100644 --- a/pkgs/tools/security/minio-certgen/default.nix +++ b/pkgs/tools/security/minio-certgen/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "minio-certgen"; - version = "1.1.0"; + version = "1.2.0"; src = fetchFromGitHub { owner = "minio"; repo = "certgen"; rev = "v${version}"; - sha256 = "sha256-Qs+wpx9pRdWdY9FrBaKM8gdB0+POy80I6DB4UaBsJEE="; + sha256 = "sha256-FBx4v29ZuhXwubWivIXReO5Ge/rPt1J3LbXlprC7E9c="; }; vendorSha256 = null; diff --git a/pkgs/tools/security/sequoia/default.nix b/pkgs/tools/security/sequoia/default.nix index 324af6aa4c9..4803430018e 100644 --- a/pkgs/tools/security/sequoia/default.nix +++ b/pkgs/tools/security/sequoia/default.nix @@ -5,7 +5,7 @@ , git , nettle # Use the same llvmPackages version as Rust -, llvmPackages_10 +, llvmPackages_12 , cargo , rustc , rustPlatform @@ -41,8 +41,8 @@ rustPlatform.buildRustPackage rec { cargo rustc git - llvmPackages_10.libclang.lib - llvmPackages_10.clang + llvmPackages_12.libclang.lib + llvmPackages_12.clang ensureNewerSourcesForZipFilesHook capnproto ] ++ @@ -72,7 +72,7 @@ rustPlatform.buildRustPackage rec { "build-release" ]; - LIBCLANG_PATH = "${llvmPackages_10.libclang.lib}/lib"; + LIBCLANG_PATH = "${llvmPackages_12.libclang.lib}/lib"; # Sometimes, tests fail on CI (ofborg) & hydra without this CARGO_TEST_ARGS = "--workspace --exclude sequoia-store"; diff --git a/pkgs/tools/security/sigma-cli/default.nix b/pkgs/tools/security/sigma-cli/default.nix index 3bf4e788912..5a6a3ab9ef5 100644 --- a/pkgs/tools/security/sigma-cli/default.nix +++ b/pkgs/tools/security/sigma-cli/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "sigma-cli"; - version = "0.3.0"; + version = "0.3.2"; format = "pyproject"; src = fetchFromGitHub { owner = "SigmaHQ"; repo = pname; rev = "v${version}"; - hash = "sha256-Nfd78Y35naDTzwodcdvJr/02CptcHxS717VGsR/QOuI="; + hash = "sha256-We6vJXLIxGe//78pgJFrihFJHl0gRd02I53hoYWcao0="; }; nativeBuildInputs = with python3.pkgs; [ diff --git a/pkgs/tools/security/spire/default.nix b/pkgs/tools/security/spire/default.nix index 5f06abeda1b..9b9e9e93488 100644 --- a/pkgs/tools/security/spire/default.nix +++ b/pkgs/tools/security/spire/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "spire"; - version = "1.2.0"; + version = "1.2.1"; outputs = [ "out" "agent" "server" ]; @@ -10,10 +10,10 @@ buildGoModule rec { owner = "spiffe"; repo = pname; rev = "v${version}"; - sha256 = "01ph9jzh18bnidrsbnnxm3gxh0cgfllnjvf7a5haqz51lm6a9pny"; + sha256 = "sha256-LK73RGSTwGhCXOglsqK8RAAldovRzliE78vi2ilTSrw="; }; - vendorSha256 = "1fd1k5by4wcjmzfgi3gnrwnb38b0wa3w67kzjlx8s0nwapyfgx0b"; + vendorSha256 = "sha256-am8ZTUX8Vph1Eg013NObMiSVeupS2hlHdpZ/1mO27dY="; subPackages = [ "cmd/spire-agent" "cmd/spire-server" ]; @@ -30,6 +30,7 @@ buildGoModule rec { meta = with lib; { description = "The SPIFFE Runtime Environment"; homepage = "https://github.com/spiffe/spire"; + changelog = "https://github.com/spiffe/spire/releases/tag/v${version}"; license = licenses.asl20; maintainers = with maintainers; [ jonringer fkautz ]; }; diff --git a/pkgs/tools/security/volatility3/default.nix b/pkgs/tools/security/volatility3/default.nix index 393ac90d316..e019d96129f 100644 --- a/pkgs/tools/security/volatility3/default.nix +++ b/pkgs/tools/security/volatility3/default.nix @@ -5,15 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "volatility3"; - version = "2.0.0"; - - disabled = python3.pythonOlder "3.6"; + version = "2.0.1"; src = fetchFromGitHub { owner = "volatilityfoundation"; repo = pname; rev = "v${version}"; - sha256 = "141n09cdc17pfdhs01aw8l4cvsqpcz8ji5l4gi7r88cyf4ix2lnz"; + hash = "sha256-rEqp+V5r4Sk4D+r2ukR1uy4IDj9XQGhYwoYSPeMyKpA="; }; propagatedBuildInputs = with python3.pkgs; [ @@ -31,7 +29,9 @@ python3.pkgs.buildPythonApplication rec { # Project has no tests doCheck = false; - pythonImportsCheck = [ "volatility3" ]; + pythonImportsCheck = [ + "volatility3" + ]; meta = with lib; { description = "Volatile memory extraction frameworks"; diff --git a/pkgs/tools/security/zdns/default.nix b/pkgs/tools/security/zdns/default.nix index 913735d4cb9..354dd5b6447 100644 --- a/pkgs/tools/security/zdns/default.nix +++ b/pkgs/tools/security/zdns/default.nix @@ -5,19 +5,16 @@ buildGoModule rec { pname = "zdns"; - version = "20210327-${lib.strings.substring 0 7 rev}"; - rev = "8c53210f0b9a4fe16c70a5d854e9413c3d0c1ba2"; + version = "2022-03-14-unstable"; src = fetchFromGitHub { owner = "zmap"; repo = pname; - inherit rev; - sha256 = "0pdfz1489ynpw72flalnlkwybp683v826icjx7ljys45xvagdvck"; + rev = "d659a361f6d5165462c10e1c1243f420175e066b"; + hash = "sha256-856O6H03me3IM39/+6n56KJIetL+v4on6+lJx5D2Pcw="; }; - vendorSha256 = "0b8h5n01xmhar1a09svb35ah48k9zdy1mn5balq0h2l0jxr05z78"; - - subPackages = [ "zdns" ]; + vendorSha256 = "sha256-5kZ0voyicnqK/0yrMYW+gR1vVDyptW6I1HgyG4zleX8="; meta = with lib; { description = "CLI DNS lookup tool"; |